diff options
| author | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-07-11 07:14:13 +0000 |
|---|---|---|
| committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-07-11 07:14:13 +0000 |
| commit | eea9987380fcbd852394bd231c0f6a86d6e6c6ef (patch) | |
| tree | 427eda775c48afa86bf2219797d8a8c19fe43b0d | |
| parent | 0c8d8a9a138813cd501a7ada05dc6c7bfecb3378 (diff) | |
| parent | dbea77ebb5345c9ce1d84db198ae78d7b1536fe5 (diff) | |
| download | security-aml_ext_331112010.tar.gz | |
Snap for 8816043 from dbea77ebb5345c9ce1d84db198ae78d7b1536fe5 to mainline-extservices-releaseaml_ext_331814220aml_ext_331412000aml_ext_331312000aml_ext_331112010aml_ext_331012020android13-mainline-extservices-release
Change-Id: Ie803f5a8fa953471a8ab56382ee31f0614095d0e
| -rw-r--r-- | keystore2/src/attestation_key_utils.rs | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/keystore2/src/attestation_key_utils.rs b/keystore2/src/attestation_key_utils.rs index 8354ba5c..34089425 100644 --- a/keystore2/src/attestation_key_utils.rs +++ b/keystore2/src/attestation_key_utils.rs @@ -59,8 +59,11 @@ pub fn get_attest_key_info( db: &mut KeystoreDB, ) -> Result<Option<AttestationKeyInfo>> { let challenge_present = params.iter().any(|kp| kp.tag == Tag::ATTESTATION_CHALLENGE); + let is_device_unique_attestation = + params.iter().any(|kp| kp.tag == Tag::DEVICE_UNIQUE_ATTESTATION); match attest_key_descriptor { - None if challenge_present => rem_prov_state + // Do not select an RKP key if DEVICE_UNIQUE_ATTESTATION is present. + None if challenge_present && !is_device_unique_attestation => rem_prov_state .get_remotely_provisioned_attestation_key_and_certs(key, caller_uid, params, db) .context(concat!( "In get_attest_key_and_cert_chain: ", |